httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@gmail.com>
Subject Re: [RFC] Enable OCSP Stapling by default in httpd trunk
Date Tue, 01 Sep 2015 22:52:57 GMT
On 08/29/2015 08:10 PM, William A Rowe Jr wrote:
>
> On Aug 29, 2015 1:49 PM, "Jeff Trawick" <trawick@gmail.com 
> <mailto:trawick@gmail.com>> wrote:
> >
> > On 08/28/2015 04:17 PM, Tim Bannister wrote:
> >>
> >> Jeff Trawick <trawick@gmail.com <mailto:trawick@gmail.com>> wrote:
> >>>
> >>>
> >>> As of now there's still a veto on my suggestion of enabling 
> stapling by
> >>> default in the httpd trunk config.
> >>
> >> Would that default need to be backported to 2.4.x?
> >
> >
> > "need"?  No; 2.4.x is a separate consideration.
> >
> >
> >> If it can be on by default for trunk/2.5.x, and off by default in 
> earlier releases, this should surprise very few users.
> >>
> >> People upgrading from an older release could get a mild surprise, 
> but at the same time if you upgrade from 2.4.x to 2.5.x then surprises 
> aren't all that surprising.
> >>
> >> Overall I think the big question mark is around backport to 2.4.x 
> rather than the change to httpd trunk.
>
> I thought this question was largely resolved, that we wouldn't want 
> subversion updates to break a users config unexpectedly.  POLS.
>
You know this, but just for completeness: 
Subversion-update-breaks-users-config is when compiled-in default 
behavior changes, which could affect configurations with no stapling 
directive, which wasn't proposed even for trunk.

Mime
View raw message